Bobcares

Create and Manage User Accounts on oVirt and RHEV

by | Jan 15, 2021

Wondering how to Create and Manage User Accounts on oVirt? We can help you.

As part of our oVirt Support, Management & Monitoring Services, we assist our customers with several Red Hat queries.

Today, let us see how to create and manage user accounts to a running oVirt or RHEV platform

 

What is included in oVirt

oVirt is an open-source complete virtualization management platform found by Red Hat as a community project.

It includes:

  • Rich web-based user interfaces for both admin and non-admin users
  • Live migration of virtual machines and disks between hosts and storage
  • Integrated management of hosts, storage, and network configuration
  • High availability of virtual machines in the event of a host failure

Create and Manage User Accounts on oVirt

Create and Manage User Accounts on oVirt

Moving ahead, we can see an effective method our Support Engineers employ, in order to create and manage user accounts.

  • Create User Account on oVirt

oVirt/RHEV comes with a command-line tool under ovirt-aaa-jdbc-tool, to manage user accounts.

For a full list of options, we run:

# ovirt-aaa-jdbc-tool user –help
Usage: /usr/bin/ovirt-aaa-jdbc-tool [options] user module …
Perform user related tasks.

Options:
–help
Show help for this module.

Modules:
add
edit
delete
unlock
password-reset
show
help

The modules available are, add, edit, delete, unlock, password-reset, and show.

On the other hand, to add a new user to the system, we use the syntax:

# ovirt-aaa-jdbc-tool user add <username> –attribute=firstName=<First-Name> \ –attribute=lastName=<Last-Name>

For instance,

# ovirt-aaa-jdbc-tool user add bob –attribute=firstName=Bob \
–attribute=lastName=James

We should get output like below:

adding user bob…
user added successfully
Note: by default created user cannot log in. see:
/usr/bin/ovirt-aaa-jdbc-tool user password-reset –help.

 

  • Reset User Password on oVirt

By default, the user cannot log in, we need to set a password for it.

# ovirt-aaa-jdbc-tool user password-reset josphat
Password:
Reenter password:
updating user bob…
user updated successfully

Then, we will be asked for a password, enter, and confirm it. We use the same command for resetting the lost password.

 

  • View User details on oVirt

To view user account details on oVirt, we use the command:

# ovirt-aaa-jdbc-tool user show josphat
— User bob(03b76cc8-6bbb-4a65-a3e0-b40f257a6878) –Namespace: *Name: bob
ID: 03b76cc8-6bbb-4a65-a3e0-b40f257a6878
Display Name:
Email: First Name: Bob
Last Name: James
Department:
Title:
Description: Account Disabled: false
Account Locked: falseAccount Unlocked At: 1970-01-01 00:00:00Z
Account Valid From: 2018-04-03 07:09:58Z
Account Valid To: 2218-04-03 07:09:58Z
Account Without Password: false
Last successful Login At: 2018-04-11 18:49:09Z
Last unsuccessful Login At: 2018-04-03 09:33:54Z
Password Valid To: 2018-09-30 09:33:54Z

 

  • Assign User a Role on oVirt

This user account does not have privileges to manage all functions of oVirt. Hence, we need to assign this user privileges for SuperUser if we want it to work like any admin user account, else assign specific permissions.

Initially, log in to the dashboard as the admin user, and navigate to:

Administration > Configure > System Permissions > Add

On the next window, search for the user-added, in this case, bob, and click the GO button.

Once the account is shown, click on the checkbox to select it.

Change the Role to Assign to “SuperUser”. For other roles, select appropriately. Then click the OK button. A new role should assign to the user account.

 

  • Delete User on oVirt

If we no longer require the user account, we can delete it using the commands:

# ovirt-aaa-jdbc-tool user delete bob
deleting user bob…
user deleted successfully

Now, if we try to view user details, we should get an error message saying user account not found.

# ovirt-aaa-jdbc-tool user show bob
user bob not found

 

  • Disable a user account on oVirt

To lock a user account on oVirt we use:

# ovirt-aaa-jdbc-tool user edit <username> –flag=+disabled

 

  • Enable a disabled user account on oVirt

Similarly, to disable a user account, we use:

# ovirt-aaa-jdbc-tool user edit <username> –flag=-disabled

 

  • Unlock locked user account on oVirt

If a user account lock for many failed logins, we can unlock it using the command:

# ovirt-aaa-jdbc-tool user unlock <username>

For example,

# ovirt-aaa-jdbc-tool user unlock bob

 

  • Edit User email address

To change the email address, use the command:

# ovirt-aaa-jdbc-tool user edit bob –attribute=email=bob@example.com

[Stuck with any of the above steps? We’d be happy to assist]

 

Conclusion

To conclude, in order to Create and Manage User Accounts on oVirt and RHEV we use PowerShell commands. Today, we saw how our Support Engineers handle this query.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF